Friday, November 30, 2012
Monday, November 26, 2012
gcc
a, LAMP install
1 yum install httpd mysql-server php php-mysql
2 service httpd start
3 locate iptables
4 yum install mlocate
5 locate iptables
6 updatedb
7 locate iptables
8 vim /etc/sysconfig/iptables
9 service httpd restart
10 service iptables restart
11 ifconfig
12 service mysqld start
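13 /usr/bin/mysqladmin -u root password 'yourpw'
(note: a password passed as a command argument is saved in the shell history and shows up in the process list while the command runs; mysql_secure_installation sets the root password from a prompt instead)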
14 mysql -u root -p
15 mysql -u root -p
19 chkconfig httpd on
20 chkconfig mysqld on
21 cd /var/www/html/
b, Install development tools
yum groupinstall "Development tools"
yum install zlib-devel bzip2-devel openssl-devel ncurses-devel
yum install expat-devel gdbm-devel readline-devel sqlite-devel
c, Install python
yum install python-setuptools
d, install Ruby and Ruby on Rails
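Download Ruby (the link is plain HTTP, so compare the tarball's checksum with the one published on ruby-lang.org before building; only `make install` below needs sudo, `./configure` and `make` can run as a normal user):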
wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p327.tar.gz
cd ../ruby-1.9.3-p327
sudo ./configure
sudo make
sudo make install
wget http://production.cf.rubygems.org/rubygems/rubygems-1.8.24.tgz
tar zxvf rubygems-1.8.24.tgz
cd rubygems-1.8.24
sudo /usr/local/bin/ruby setup.rb
gem -v
sudo /usr/local/bin/gem install rdoc
sudo /usr/local/bin/gem install rails
1 yum install httpd mysql-server php php-mysql
2 service httpd start
3 locate iptables
4 yum install mlocate
5 locate iptables
6 updatedb
7 locate iptables
8 vim /etc/sysconfig/iptables
9 service httpd restart
10 service iptables restart
11 ifconfig
12 service mysqld start
13 /usr/bin/mysqladmin -u root password 'yourpw'
14 mysql -u root -p
15 mysql -u root -p
19 chkconfig httpd on
20 chkconfig mysqld on
21 cd /var/www/html/
b, Install development tools
yum groupinstall "Development tools"
yum install zlib-devel bzip2-devel openssl-devel ncurses-devel
yum install expat-devel gdbm-devel readline-devel sqlite-devel
c, Install python
yum install python-setuptools
d, install Ruby and Ruby on Rails
Download Ruby:
wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p327.tar.gz
cd ../ruby-1.9.3-p327
sudo ./configure
sudo make
sudo make install
wget http://production.cf.rubygems.org/rubygems/rubygems-1.8.24.tgz
tar zxvf rubygems-1.8.24.tgz
cd rubygems-1.8.24
sudo /usr/local/bin/ruby setup.rb
gem -v
sudo /usr/local/bin/gem install rdoc
sudo /usr/local/bin/gem install rails
find prime number - python code
[chang@sstest python]$ cat primeno.py
#!/usr/bin/python
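def if_prime_no(number_n):
    """Return 1 if number_n is a prime number, otherwise 0.

    Numbers below 2 (0, 1 and negatives) are never prime, and 2 is
    reported as prime. The result stays an int because callers compare
    it with ``== 1``.
    """
    if number_n < 2:
        return 0
    # A composite number always has a divisor no larger than its square
    # root, so trial division can stop there and leave at the first hit.
    i = 2
    while i * i <= number_n:
        if number_n % i == 0:
            return 0
        i += 1
    return 1


def all_prime(number_n):
    """Return every prime p with 2 <= p <= number_n, in ascending order.

    The list is empty when number_n is below 2.
    """
    return [i for i in range(2, number_n + 1) if if_prime_no(i) == 1]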
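# Interactive loop: read a number, say whether it is prime, then list
# every prime up to it. Typing 'exit' ends the program.
while True:
    your_number = raw_input("Please enter the number or 'exit' to exit:")
    if your_number == 'exit':
        break
    try:
        candidate = int(your_number)
    except ValueError:
        # int() rejects anything that is not a whole number; ask again
        # instead of ending the session with a traceback.
        print (your_number + " is not a whole number")
        continue
    if if_prime_no(candidate) == 1:
        print (your_number + " is a prime number")
    else:
        print (your_number + " is not a prime number")
    print (all_prime(candidate))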
======================================
[cng@sstest python]$ ./primeno.py
Please enter the number or 'exit' to exit:20
20 is not a prime number
[2, 3, 5, 7, 11, 13, 17, 19]
Please enter the number or 'exit' to exit:13
13 is a prime number
[2, 3, 5, 7, 11, 13]
Please enter the number or 'exit' to exit:exit
#!/usr/bin/python
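def if_prime_no(number_n):
    """Return 1 if number_n is a prime number, otherwise 0.

    Numbers below 2 (0, 1 and negatives) are never prime, and 2 is
    reported as prime. The result stays an int because callers compare
    it with ``== 1``.
    """
    if number_n < 2:
        return 0
    # A composite number always has a divisor no larger than its square
    # root, so trial division can stop there and leave at the first hit.
    i = 2
    while i * i <= number_n:
        if number_n % i == 0:
            return 0
        i += 1
    return 1


def all_prime(number_n):
    """Return every prime p with 2 <= p <= number_n, in ascending order.

    The list is empty when number_n is below 2.
    """
    return [i for i in range(2, number_n + 1) if if_prime_no(i) == 1]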
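# Interactive loop: read a number, say whether it is prime, then list
# every prime up to it. Typing 'exit' ends the program.
while True:
    your_number = raw_input("Please enter the number or 'exit' to exit:")
    if your_number == 'exit':
        break
    try:
        candidate = int(your_number)
    except ValueError:
        # int() rejects anything that is not a whole number; ask again
        # instead of ending the session with a traceback.
        print (your_number + " is not a whole number")
        continue
    if if_prime_no(candidate) == 1:
        print (your_number + " is a prime number")
    else:
        print (your_number + " is not a prime number")
    print (all_prime(candidate))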
======================================
[cng@sstest python]$ ./primeno.py
Please enter the number or 'exit' to exit:20
20 is not a prime number
[2, 3, 5, 7, 11, 13, 17, 19]
Please enter the number or 'exit' to exit:13
13 is a prime number
[2, 3, 5, 7, 11, 13]
Please enter the number or 'exit' to exit:exit
Sunday, November 25, 2012
add cuckoo sandbox as an ubuntu service
Step 1, create a file /etc/init.d/cuckoo
#!/bin/bash
## Fill in name of program here.
## Service name; it is used for the PID file name, the log file name
## and the status messages.
PROG='cuckoo'
## Directory in which "$PROG.pid" is created while the service runs.
PID_PATH='/opt/cuckoo/'
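#######################################
# Launch cuckoo.py in the background and record its PID.
# Globals:   PROG (read), PID_PATH (read)
# Outputs:   "$PROG started" on stdout, errors on stderr; the daemon's
#            stdout and stderr both go to /var/log/$PROG
# Returns:   exits 1 if the PID file already exists or /opt/cuckoo
#            cannot be entered
#######################################
start() {
  local pid_file="$PID_PATH/$PROG.pid"

  if [ -e "$pid_file" ]; then
    ## Program is running, exit with error.
    echo "Error! $PROG is currently running!" 1>&2
    exit 1
  fi

  # Without this check a failed cd would run "python cuckoo.py" from
  # whatever directory the caller happened to be in.
  cd /opt/cuckoo || {
    echo "Error! cannot cd to /opt/cuckoo" 1>&2
    exit 1
  }

  # NOTE(review): this script refuses to run unless uid is 0, so
  # cuckoo.py is launched as root. A sandbox that handles malware
  # samples is better run under a dedicated unprivileged account;
  # confirm what privileges it really needs before deploying.

  # Redirect order matters: stdout is pointed at the log first, then
  # stderr is duplicated onto it. "2>&1 >file" leaves stderr on the
  # terminal, so errors never reach the log.
  python cuckoo.py >"/var/log/$PROG" 2>&1 &

  # Record the real PID instead of an empty marker so the process can
  # later be identified exactly rather than by matching "ps" output.
  echo "$!" >"$pid_file"
  echo "$PROG started"
}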
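#######################################
# Stop the running cuckoo.py and remove the PID file.
# Globals:   PROG (read), PID_PATH (read)
# Outputs:   "$PROG stopped" on stdout, errors on stderr
# Returns:   exits 1 if the PID file does not exist
#######################################
stop() {
  local pid_file="$PID_PATH/$PROG.pid"
  local pid=""

  if [ ! -e "$pid_file" ]; then
    ## Program is not running, exit with error.
    echo "Error! $PROG not started!" 1>&2
    exit 1
  fi

  # Prefer the PID stored in the PID file. This runs as root, and
  # killing whatever matches "cuckoo.py" in the process list would also
  # hit unrelated processes such as an editor that has the file open.
  # "|| true": read reports failure on an empty file or a missing
  # final newline even though $pid has been set.
  read -r pid <"$pid_file" || true
  case "$pid" in
    '' | *[!0-9]*)
      # Empty or non-numeric PID file (e.g. one created with "touch"):
      # fall back to matching the command line.
      for pid in $(pgrep -f 'cuckoo\.py'); do
        kill "$pid"
      done
      ;;
    *)
      # NOTE(review): if cuckoo.py died earlier, this PID may by now
      # belong to another process; the PID file is not re-validated.
      kill "$pid"
      ;;
  esac

  rm "$pid_file"
  echo "$PROG stopped"
}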
## Only root may manage the service; any other user is turned away here.
## Found at http://www.cyberciti.biz/tips/shell-root-user-check-script.html
[ "$(id -u)" = "0" ] || {
  echo "This script must be run as root" 1>&2
  exit 1
}

## Dispatch on the requested action. start() and stop() call "exit 1"
## themselves when they refuse to act, so the final "exit 0" is reached
## only when neither of them bailed out.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  reload | restart | force-reload)
    stop
    start
    ;;
  *)
    echo "Usage: $0 {start|stop|reload}" 1>&2
    exit 1
    ;;
esac
exit 0
Step 2: start or stop service
root@cuckoodesktop32:~# /etc/init.d/cuckoo stop
root@cuckoodesktop32:~# /etc/init.d/cuckoo start
Step 3, make it start automatically
root@cuckoodesktop32:~# update-rc.d cuckoo defaults
#!/bin/bash
## Fill in name of program here.
## Service name; it is used for the PID file name, the log file name
## and the status messages.
PROG='cuckoo'
## Directory in which "$PROG.pid" is created while the service runs.
PID_PATH='/opt/cuckoo/'
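#######################################
# Launch cuckoo.py in the background and record its PID.
# Globals:   PROG (read), PID_PATH (read)
# Outputs:   "$PROG started" on stdout, errors on stderr; the daemon's
#            stdout and stderr both go to /var/log/$PROG
# Returns:   exits 1 if the PID file already exists or /opt/cuckoo
#            cannot be entered
#######################################
start() {
  local pid_file="$PID_PATH/$PROG.pid"

  if [ -e "$pid_file" ]; then
    ## Program is running, exit with error.
    echo "Error! $PROG is currently running!" 1>&2
    exit 1
  fi

  # Without this check a failed cd would run "python cuckoo.py" from
  # whatever directory the caller happened to be in.
  cd /opt/cuckoo || {
    echo "Error! cannot cd to /opt/cuckoo" 1>&2
    exit 1
  }

  # NOTE(review): this script refuses to run unless uid is 0, so
  # cuckoo.py is launched as root. A sandbox that handles malware
  # samples is better run under a dedicated unprivileged account;
  # confirm what privileges it really needs before deploying.

  # Redirect order matters: stdout is pointed at the log first, then
  # stderr is duplicated onto it. "2>&1 >file" leaves stderr on the
  # terminal, so errors never reach the log.
  python cuckoo.py >"/var/log/$PROG" 2>&1 &

  # Record the real PID instead of an empty marker so the process can
  # later be identified exactly rather than by matching "ps" output.
  echo "$!" >"$pid_file"
  echo "$PROG started"
}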
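#######################################
# Stop the running cuckoo.py and remove the PID file.
# Globals:   PROG (read), PID_PATH (read)
# Outputs:   "$PROG stopped" on stdout, errors on stderr
# Returns:   exits 1 if the PID file does not exist
#######################################
stop() {
  local pid_file="$PID_PATH/$PROG.pid"
  local pid=""

  if [ ! -e "$pid_file" ]; then
    ## Program is not running, exit with error.
    echo "Error! $PROG not started!" 1>&2
    exit 1
  fi

  # Prefer the PID stored in the PID file. This runs as root, and
  # killing whatever matches "cuckoo.py" in the process list would also
  # hit unrelated processes such as an editor that has the file open.
  # "|| true": read reports failure on an empty file or a missing
  # final newline even though $pid has been set.
  read -r pid <"$pid_file" || true
  case "$pid" in
    '' | *[!0-9]*)
      # Empty or non-numeric PID file (e.g. one created with "touch"):
      # fall back to matching the command line.
      for pid in $(pgrep -f 'cuckoo\.py'); do
        kill "$pid"
      done
      ;;
    *)
      # NOTE(review): if cuckoo.py died earlier, this PID may by now
      # belong to another process; the PID file is not re-validated.
      kill "$pid"
      ;;
  esac

  rm "$pid_file"
  echo "$PROG stopped"
}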
## Only root may manage the service; any other user is turned away here.
## Found at http://www.cyberciti.biz/tips/shell-root-user-check-script.html
[ "$(id -u)" = "0" ] || {
  echo "This script must be run as root" 1>&2
  exit 1
}

## Dispatch on the requested action. start() and stop() call "exit 1"
## themselves when they refuse to act, so the final "exit 0" is reached
## only when neither of them bailed out.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  reload | restart | force-reload)
    stop
    start
    ;;
  *)
    echo "Usage: $0 {start|stop|reload}" 1>&2
    exit 1
    ;;
esac
exit 0
Step 2: start or stop service
root@cuckoodesktop32:~# /etc/init.d/cuckoo stop
root@cuckoodesktop32:~# /etc/init.d/cuckoo start
Step 3, make it start automatically
root@cuckoodesktop32:~# update-rc.d cuckoo defaults
Saturday, November 24, 2012
python restful server
http://flask.pocoo.org/docs/quickstart/
http://publish.luisrei.com/articles/flaskrest.html
https://github.com/twilio/flask-restful
http://publish.luisrei.com/articles/flaskrest.html
https://github.com/twilio/flask-restful
linux check port open
cng@cuckoodesktop32:~$ netstat -ntulp
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
udp 0 0 0.0.0.0:35312 0.0.0.0:* -
udp 0 0 127.0.0.1:53 0.0.0.0:* -
udp 0 0 0.0.0.0:68 0.0.0.0:* -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp6 0 0 :::5353 :::* -
udp6 0 0 :::35649 :::* -
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
udp 0 0 0.0.0.0:35312 0.0.0.0:* -
udp 0 0 127.0.0.1:53 0.0.0.0:* -
udp 0 0 0.0.0.0:68 0.0.0.0:* -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp6 0 0 :::5353 :::* -
udp6 0 0 :::35649 :::* -
cuckoo sandbox: integrate with virustotal
cng@cuckoodesktop32:/opt/cuckoo$ vim modules/processing/virustotal.py
http://www.xors.me/?p=5313
http://www.xors.me/?p=5313
Thursday, November 22, 2012
update mysql table enum
mysql> alter table FS_table change sengine sengine enum('PDF','Emtector','A','vast','Bd','FProt');
Tuesday, November 20, 2012
add openfire to windows services
1, run cmd as administrator
2, run this command:
C:\ss\Openfire\bin>openfire-service.exe /install
Installed service 'Openfire'.
2, run this command:
C:\ss\Openfire\bin>openfire-service.exe /install
Installed service 'Openfire'.
Monday, November 19, 2012
avira linux installation
1, download:
http://premium.avira-update.com/package/wks_avira/unix/en/pers/antivir_workstation-pers.tar.gz
2, download key
http://dl1.avgate.net/down/windows/hbedv.key
sudo cp hbedv_key /usr/lib/AntiVir/guard/hbedv.key
you can use the windows key file on a linux system
3, restart service
sudo /etc/init.d/avguard restart
4, update database
[chang@FSWWW ~]$ sudo avupdate-guard
http://premium.avira-update.com/package/wks_avira/unix/en/pers/antivir_workstation-pers.tar.gz
2, download key
http://dl1.avgate.net/down/windows/hbedv.key
sudo cp hbedv_key /usr/lib/AntiVir/guard/hbedv.key
you can use windows on linux system
3, restart service
sudo /etc/init.d/avguard restart
4, update database
[chang@FSWWW ~]$ sudo avupdate-guard
Tuesday, November 13, 2012
cuckoo & malware tools
1, good site
http://bsa.isoftware.nl/
http://blog.michaelboman.org/2012/06/mart-malware-analyst-research-toolkit_25.html
http://contagiodump.blogspot.com/2011/11/nov-3-cve-2011-0611-1104statmentpdf.html
http://www.selectrealsecurity.com/malware-analysis
http://fumalwareanalysis.blogspot.com/
http://fumalwareanalysis.blogspot.com/p/malware-analysis-tutorials-reverse.html
2, conf pdf scan
update this file:
vim analyzer/windows/packages/pdf.py
p.execute(path="C:\\Program Files\\Adobe\\Reader 11.0\\Reader\\AcroRd32.exe", args=arg, suspended=True)
http://bsa.isoftware.nl/
http://blog.michaelboman.org/2012/06/mart-malware-analyst-research-toolkit_25.html
http://contagiodump.blogspot.com/2011/11/nov-3-cve-2011-0611-1104statmentpdf.html
http://www.selectrealsecurity.com/malware-analysis
http://fumalwareanalysis.blogspot.com/
http://fumalwareanalysis.blogspot.com/p/malware-analysis-tutorials-reverse.html
2, conf pdf scan
update this file:
vim analyzer/windows/packages/pdf.py
p.execute(path="C:\\Program Files\\Adobe\\Reader 11.0\\Reader\\AcroRd32.exe", args=arg, suspended=True)
Monday, November 12, 2012
good templates
http://screenhero.com/
http://www.mediafire.com/
http://www.cuckoosandbox.org/index.html
http://www.mediafire.com/
http://www.cuckoosandbox.org/index.html
-
Step 1, New a project rails new demo Step 2, Update Gemfile add paperclip, mysql2 gem, enable JavaScript runtime gem 'mysql2' ...
-
I used 7z to zip this file under Windows, try to unzip it under linux [ang@walker temp]$ gunzip 2011.sdf.zip gunzip: 2011.sdf.zip: unkno...
-
When trying to access transmission from web-browswer i got the message : 403: Forbidden Unauthorized IP Address. Either disable the IP ad...